lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAE16376-98B3-4DE9-A171-48CC87F54E9B@arbor.net>
Date: Tue, 9 Aug 2011 18:32:47 +0000
From: "Dobbins, Roland" <rdobbins@...or.net>
To: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>, Full Disclosure
	<full-disclosure@...ts.grok.org.uk>
Cc: Fernando Gont <fgont@...kingipv6networks.com>
Subject: Re: Hacking IPv6 Networks (slides)

On Jul 26, 2011, at 10:35 PM, Fernando Gont wrote:

> They contain quite a few insights about IPv6 security, along with a number of practical examples.

Good stuff!

A few observations:

1.	By prepending lots of extension headers to packets, it may be possible to exhaust router ASIC/TCAM capacity, causing the traffic in question to be punted to the RP and thus leading to a DoS condition.

2.	The consonance of the English letters 'B', 'C', 'D', & 'E' is likely to result in untold billions of dollars of opex related to misconfigurations, outages, improper access policies contributing to security breaches, etc.  Whenever possible, IPv6 address-/netblock-related information should be transmitted in written form, not verbally.

3.	BGP and IGP mining can also be useful for hinted scanning.

4.	The numerous instantiations of additional state being added to networks in the form of 6-to-4 gateways, CGNs, et. al. as a result of IPv4 address exhaustion and IPv6 transition greatly increases the DoS risk, as well.  There's already far too much of this in the mobile/wireless world, resulting in numerous DoS conditions on those networks caused by portscans/hostscans/outbound & crossbound DDoS attacks initiated by botted hosts; now it's going to become even more common in the wireline world, as well.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@...or.net> // <http://www.arbornetworks.com>

		The basis of optimism is sheer terror.

			  -- Oscar Wilde

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ